The British Government DDOS'd Anonymous, and I Don't Think It's a Big Deal (UPDATED)

Wednesday, February 05, 2014 - 02:41 PM

Update: Journalist Quinn Norton strongly disagreed with me on Twitter, so I asked her to write something about why she disagreed. I have attached her response to the bottom of the article.

One of the favorite tools of the internet hacker/troll collective Anonymous is the distributed denial of service attack, or DDOS. Basically it works by flooding a site with so many queries that it becomes overwhelmed, and the rest of the internet can't access it. I've compared it in the past to the online equivalent of a sit-in - when deployed correctly, it disrupts business but causes no lasting damage.

According to the latest Snowden leaks, British authorities were using the same disruption methods against Anonymous that Anonymous was using against other parts of the internet.

Documents published by NBC show that Britain's GCHQ used DDOS attacks in 2011 to take an anonymous chatroom offline to prevent coordination among the group. This is notable because it's the first documented instance of a Western government engaging in this type of attack (the Syrian Electronic Army and the Chinese government have been known to commit DDOS attacks in the past).

The BBC quotes a security researcher at the University of Cambridge who questions the ethics of a government perpetrating this kind of online attack:

"It's quite possible that the server was used for other purposes which would have been entirely unrelated to Anonymous," he said.

"It's also likely that most of the chat that was going on about Anonymous was not to do with hacking because the people who join Anonymous are fairly wide-ranging in what they think it is legitimate to do.

"Some have gone into criminality but many others just go out and organise protests, letter-writing campaigns and other things that are not criminal."

Honestly, I'm just surprised that it took governments this long to get into the action, although it does seem a little hypocritical, seeing as the UK criminalized denial of service attacks in 2006. But I have a hard time getting my hackles up over this. DDOS will cause anonymous chatters to scatter, but they can regroup at any of a million different chatrooms, and once the attack is over, the website will come back up, no worse for wear. Since I think that attacks like this don't deserve the ferocious prosecutions they tend to get, I don't think that the British government perpetrating them deserves the amount of outrage it is getting from some of the tech press.

Quinn Norton responds:

There are a few interesting things at issue here, and they make this more important than it may first appear. One is the disproportionate power of something like GCHQ or NSA -- with their capacity and tools, they can take an anonops server, or any other activist or community concern, down for weeks or even months without a problem. Compare that to the massive effort that went into even slowing a target like PayPal, and it's obvious that these two adversaries are not on par. There is little reason for an intel agency to use the same measures as Anonymous. They don't need to recruit or compromise the computer power to take something offline. They have better tools, and an effectively endless budget to do it.

But it is still true that a SYN flood DoS is as illegal as a DDoS under both the Computer Misuse Act and the CFAA. We rightfully get upset with the government when it ignores the law, because it can do so at such a wider scale. Under what authority did GCHQ break the CMA, what legal theory did they apply, and where else do they feel at liberty to break it? These are very chilling questions this abuse raises, as strange and sometimes unsympathetic as their targets may seem to people.

Lastly, Anonymous got a lot of press for hacks, but the majority of the collective were never hackers, or involved in crime, much less crime at the level of national security. These servers were places people gathered, told bad jokes, traded the occasional manifesto, planned street protests and helped dissidents on the ground in countries across the world, as well as planned (mostly unsuccessful) DDoSs and hacking actions. They coordinated video production and leafletting. They pranked each other -- sometimes nasty pranks like swatting (getting a swat team to show up at your victim's house) but hardly anything that deserved the attention of these major players. In American terms this would represent prior restraint of the worst kind, and a violation of the right of assembly. We may or may not think the people it happened to deserved it, but it remains that rights and laws are there for everyone, even the asshats of Anonymous.

One more thing, as I've written here: The most bad-ass scary group of hackers Anonymous ever had were, for all practical purposes, a fiction being coordinated by the FBI. It is unclear to me how much the FBI's involvement overlaps with GCHQ's attacks, but it's clear that various US-UK agencies were in touch since coordination over the Lulzsec investigation. This means they knew a lot about the shape of Anonymous, and how the hackers coordinated. They would have known their target was much more political than criminal.

In a way, you're right. As a whole, Anonymous was not that politically sophisticated in 2010 & 2011. But the severe disruption of political organizing and association online, done with overwhelming force (in network terms) and in secret, by government intelligence is no comforting thought for a democracy.